This is an automated email from the ASF dual-hosted git repository.
acosentino pushed a commit to branch CAMEL-20775
in repository https://gitbox.apache.org/repos/asf/camel.git
commit 0ef5dc8503c4d402b2fcd096c291875ce1decddb
Author: Andrea Cosentino <anco...@gmail.com>
AuthorDate: Mon May 20 16:59:13 2024 +0200
CAMEL-20775 - camel-hashicorp-vault - configure multiple engines
Signed-off-by: Andrea Cosentino <anco...@gmail.com>
---
.../src/main/docs/hashicorp-vault-component.adoc | 32 ++++++++----------
docs/user-manual/modules/ROOT/pages/security.adoc | 38 ++++++++++------------
2 files changed, 31 insertions(+), 39 deletions(-)
diff --git
a/components/camel-hashicorp-vault/src/main/docs/hashicorp-vault-component.adoc
b/components/camel-hashicorp-vault/src/main/docs/hashicorp-vault-component.adoc
index 102faa24b5f..a4958d0d1d5 100644
---
a/components/camel-hashicorp-vault/src/main/docs/hashicorp-vault-component.adoc
+++
b/components/camel-hashicorp-vault/src/main/docs/hashicorp-vault-component.adoc
@@ -50,7 +50,6 @@ To use this function, you'll need to provide credentials for
Hashicorp vault as
[source,bash]
----
export $CAMEL_VAULT_HASHICORP_TOKEN=token
-export $CAMEL_VAULT_HASHICORP_ENGINE=secretKey
export $CAMEL_VAULT_HASHICORP_HOST=host
export $CAMEL_VAULT_HASHICORP_PORT=port
export $CAMEL_VAULT_HASHICORP_SCHEME=http/https
@@ -61,7 +60,6 @@ You can also configure the credentials in the
`application.properties` file such
[source,properties]
----
camel.vault.hashicorp.token = token
-camel.vault.hashicorp.engine = engine
camel.vault.hashicorp.host = host
camel.vault.hashicorp.port = port
camel.vault.hashicorp.scheme = scheme
@@ -74,12 +72,12 @@ At this point, you'll be able to reference a property in
the following way:
<camelContext>
<route>
<from uri="direct:start"/>
- <to uri="{{hashicorp:route}}"/>
+ <to uri="{{hashicorp:secret:route}}"/>
</route>
</camelContext>
----
-Where route will be the name of the secret stored in the Hashicorp Vault
instance.
+Where route will be the name of the secret stored in the Hashicorp Vault
instance, in the 'secret' engine.
You could specify a default value in case the secret is not present on
Hashicorp Vault instance:
@@ -88,12 +86,12 @@ You could specify a default value in case the secret is not
present on Hashicorp
<camelContext>
<route>
<from uri="direct:start"/>
- <to uri="{{hashicorp:route:default}}"/>
+ <to uri="{{hashicorp:secret:route:default}}"/>
</route>
</camelContext>
----
-In this case, if the secret doesn't exist, the property will fall back to
"default" as value.
+In this case, if the secret doesn't exist in the 'secret' engine, the property
will fall back to "default" as value.
Also, you are able to get a particular field of the secret, if you have, for
example, a secret named database of this form:
@@ -109,33 +107,33 @@ Also, you are able to get a particular field of the
secret, if you have, for exa
}
----
-You're able to do get single secret value in your route, like for example:
+You're able to do get single secret value in your route, in the 'secret'
engine, like for example:
[source,xml]
----
<camelContext>
<route>
<from uri="direct:start"/>
- <log message="Username is {{hashicorp:database/username}}"/>
+ <log message="Username is {{hashicorp:secret:database/username}}"/>
</route>
</camelContext>
----
Or re-use the property as part of an endpoint.
-You could specify a default value in case the particular field of secret is
not present on Hashicorp Vault instance:
+You could specify a default value in case the particular field of secret is
not present on Hashicorp Vault instance, in the 'secret' engine:
[source,xml]
----
<camelContext>
<route>
<from uri="direct:start"/>
- <log message="Username is {{hashicorp:database/username:admin}}"/>
+ <log message="Username is
{{hashicorp:secret:database/username:admin}}"/>
</route>
</camelContext>
----
-In this case, if the secret doesn't exist or the secret exists, but the
username field is not part of the secret, the property will fall back to
"admin" as value.
+In this case, if the secret doesn't exist or the secret exists (in the
'secret' engine) but the username field is not part of the secret, the property
will fall back to "admin" as value.
There is also the syntax to get a particular version of the secret for both
the approach, with field/default value specified or only with secret:
@@ -144,12 +142,12 @@ There is also the syntax to get a particular version of
the secret for both the
<camelContext>
<route>
<from uri="direct:start"/>
- <to uri="{{hashicorp:route@2}}"/>
+ <to uri="{{hashicorp:secret:route@2}}"/>
</route>
</camelContext>
----
-This approach will return the RAW route secret with version '2'.
+This approach will return the RAW route secret with version '2', in the
'secret' engine.
[source,xml]
----
@@ -161,20 +159,18 @@ This approach will return the RAW route secret with
version '2'.
</camelContext>
----
-This approach will return the route secret value with version '2' or default
value in case the secret doesn't exist or the version doesn't exist.
+This approach will return the route secret value with version '2' or default
value in case the secret doesn't exist or the version doesn't exist (in the
'secret' engine).
[source,xml]
----
<camelContext>
<route>
<from uri="direct:start"/>
- <log message="Username is {{hashicorp:database/username:admin@2}}"/>
+ <log message="Username is
{{hashicorp:secret:database/username:admin@2}}"/>
</route>
</camelContext>
----
-This approach will return the username field of the database secret with
version '2' or admin in case the secret doesn't exist or the version doesn't
exist.
-
-For the moment we are not considering the rotation function if any are
applied, but it is in the work to be done.
+This approach will return the username field of the database secret with
version '2' or admin in case the secret doesn't exist or the version doesn't
exist (in the 'secret' engine).
The only requirement is adding the camel-hashicorp-vault jar to your Camel
application.
diff --git a/docs/user-manual/modules/ROOT/pages/security.adoc
b/docs/user-manual/modules/ROOT/pages/security.adoc
index 36f7a26eceb..f98e3cfddf8 100644
--- a/docs/user-manual/modules/ROOT/pages/security.adoc
+++ b/docs/user-manual/modules/ROOT/pages/security.adoc
@@ -422,12 +422,11 @@ The only requirement is adding the camel-azure-key-vault
jar to your Camel appli
==== Using Hashicorp Vault
-To use this function you'll need to provide credentials for Hashicorp vault as
environment variables:
+To use this function, you'll need to provide credentials for Hashicorp vault
as environment variables:
[source,bash]
----
export $CAMEL_VAULT_HASHICORP_TOKEN=token
-export $CAMEL_VAULT_HASHICORP_ENGINE=secretKey
export $CAMEL_VAULT_HASHICORP_HOST=host
export $CAMEL_VAULT_HASHICORP_PORT=port
export $CAMEL_VAULT_HASHICORP_SCHEME=http/https
@@ -438,25 +437,24 @@ You can also configure the credentials in the
`application.properties` file such
[source,properties]
----
camel.vault.hashicorp.token = token
-camel.vault.hashicorp.engine = engine
camel.vault.hashicorp.host = host
camel.vault.hashicorp.port = port
camel.vault.hashicorp.scheme = scheme
----
-At this point you'll be able to reference a property in the following way:
+At this point, you'll be able to reference a property in the following way:
[source,xml]
----
<camelContext>
<route>
<from uri="direct:start"/>
- <to uri="{{hashicorp:route}}"/>
+ <to uri="{{hashicorp:secret:route}}"/>
</route>
</camelContext>
----
-Where route will be the name of the secret stored in the Hashicorp Vault
instance.
+Where route will be the name of the secret stored in the Hashicorp Vault
instance, in the 'secret' engine.
You could specify a default value in case the secret is not present on
Hashicorp Vault instance:
@@ -465,14 +463,14 @@ You could specify a default value in case the secret is
not present on Hashicorp
<camelContext>
<route>
<from uri="direct:start"/>
- <to uri="{{hashicorp:route:default}}"/>
+ <to uri="{{hashicorp:secret:route:default}}"/>
</route>
</camelContext>
----
-In this case if the secret doesn't exist, the property will fallback to
"default" as value.
+In this case, if the secret doesn't exist in the 'secret' engine, the property
will fall back to "default" as value.
-Also you are able to get particular field of the secret, if you have for
example a secret named database of this form:
+Also, you are able to get a particular field of the secret, if you have, for
example, a secret named database of this form:
[source,bash]
----
@@ -486,33 +484,33 @@ Also you are able to get particular field of the secret,
if you have for example
}
----
-You're able to do get single secret value in your route, like for example:
+You're able to do get single secret value in your route, in the 'secret'
engine, like for example:
[source,xml]
----
<camelContext>
<route>
<from uri="direct:start"/>
- <log message="Username is {{hashicorp:database/username}}"/>
+ <log message="Username is {{hashicorp:secret:database/username}}"/>
</route>
</camelContext>
----
Or re-use the property as part of an endpoint.
-You could specify a default value in case the particular field of secret is
not present on Hashicorp Vault instance:
+You could specify a default value in case the particular field of secret is
not present on Hashicorp Vault instance, in the 'secret' engine:
[source,xml]
----
<camelContext>
<route>
<from uri="direct:start"/>
- <log message="Username is {{hashicorp:database/username:admin}}"/>
+ <log message="Username is
{{hashicorp:secret:database/username:admin}}"/>
</route>
</camelContext>
----
-In this case if the secret doesn't exist or the secret exists, but the
username field is not part of the secret, the property will fallback to "admin"
as value.
+In this case, if the secret doesn't exist or the secret exists (in the
'secret' engine) but the username field is not part of the secret, the property
will fall back to "admin" as value.
There is also the syntax to get a particular version of the secret for both
the approach, with field/default value specified or only with secret:
@@ -521,12 +519,12 @@ There is also the syntax to get a particular version of
the secret for both the
<camelContext>
<route>
<from uri="direct:start"/>
- <to uri="{{hashicorp:route@2}}"/>
+ <to uri="{{hashicorp:secret:route@2}}"/>
</route>
</camelContext>
----
-This approach will return the RAW route secret with version '2'.
+This approach will return the RAW route secret with version '2', in the
'secret' engine.
[source,xml]
----
@@ -538,21 +536,19 @@ This approach will return the RAW route secret with
version '2'.
</camelContext>
----
-This approach will return the route secret value with version '2' or default
value in case the secret doesn't exist or the version doesn't exist.
+This approach will return the route secret value with version '2' or default
value in case the secret doesn't exist or the version doesn't exist (in the
'secret' engine).
[source,xml]
----
<camelContext>
<route>
<from uri="direct:start"/>
- <log message="Username is {{hashicorp:database/username:admin@2}}"/>
+ <log message="Username is
{{hashicorp:secret:database/username:admin@2}}"/>
</route>
</camelContext>
----
-This approach will return the username field of the database secret with
version '2' or admin in case the secret doesn't exist or the version doesn't
exist.
-
-The only requirement is adding the camel-hashicorp-vault jar to your Camel
application.
+This approach will return the username field of the database secret with
version '2' or admin in case the secret doesn't exist or the version doesn't
exist (in the 'secret' engine).
==== Automatic Camel context reloading on Secret Refresh while using AWS
Secrets Manager
